Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2014"

Transcription

1 Network Security: WLAN Security Tuomas Aura T Network security Aalto University, Nov-Dec 2014

2 Outline Wireless LAN technology Threats against WLANs (Weak security mechanisms and historical WEP) Real WLAN security: WPA2 Password-based user authentication WLAN mobility Eduroam case study 2

3 Wireless LAN technology

4 Wireless LAN (WLAN) standards IEEE standard defines physical and link layers for wireless Ethernet LANs Wi-Fi is an industry alliance to promote interoperability Original , latest , amendments e.g ac Physical layer: Uses unlicensed bands at 2.4 GHz (microwave ovens, Bluetooth) and 5 GHz Up to 14 radio channels in the 2.4 GHz band, but only about 3 nonoverlapping ones Link layer Looks like Ethernet (802.3) to layers above MAC protocol differs from because one antenna cannot detect collisions while transmitting explicit ACKs needed 4

5 Small-business LAN Hub or Switch Gateway router + Firewall + NAT Internet Workstations Server in DMZ Security perimeter In small networks, the switch, router, firewall and NAT are often one device Servers APs In larger networks, the functions may be in separate boxes Wireless stations 5

6 Small-business WLAN Hub or Switch Gateway router + Firewall + NAT Internet Workstations Server in DMZ Security perimeter Servers APs Wireless stations 6

7 Main WLAN security threat Hub or Switch Gateway router + Firewall + NAT Internet Workstations Server in DMZ Security perimeter Servers APs Wireless stations 7

8 Wireless LAN components Access point (AP) = bridge between wireless (802.11) and wired (802.3) networks Wireless station (STA) = PC or other device with a wireless network interface card (NIC) To be precise, AP is also a STA Stations are identified by globally unique 48-bit MAC address MAC = Medium Access Control, don t confuse with message authentication code MAC address is assigned to each network interface card (NIC) by the manufacturer, which gets them from IEEE Infrastructure mode = wireless stations communicate only with AP Ad-hoc mode = no AP; wireless stations communicate directly with each other We will focus on infrastructure-mode WLANs 8

9 Wireless LAN structure Basic service set (BSS) = one WLAN cell (one AP + other wireless stations) The basic service set is identified by basic service set identifier (BSSID) = AP MAC address Extended service set (ESS) = multiple cells where the APs have the same service set identifier (SSID) The wired network is called distribution network in the standard; typically it is wired Ethernet APs in the same ESS can belong to the same IP network segment, or to different ones 9

10 Joining a wireless LAN AP sends beacons, usually every 50 ms Beacons usually include the SSID but the SSID broadcast can be turned off STA must specify SSID to the AP in association request Open system authentication = no authentication, empty authentication messages 10

11 Leaving a wireless LAN Both STA and AP can send a Disassociation Notification or Deauthentication Notification STA Deauthentication-Notification AP 11

12 association state machine Authentication Remember: these are just empty messages for backward compatibility, not real authentication Association or reassociation State1: unauthenticated, unassociated State 2: authenticated, unassociated Deauthentication notification Deauthentication notification STA can send only control and management frames though AP State 3: authenticated, associated Disassociation notification STA can also send data frames 12

13 Threats against WLANs

14 Exercise: WLAN threat analysis List as many threats against wireless LANs as you can think of. What kind of unwanted things can happen? Consider home, small-business, corporate and university networks, Internet cafes and commercial hotspot operators Prioritize the threats roughly by how serious they are. Which threats can be ignored and which not? 14

15 Wireless LAN threats Signal interception sniffing Unauthorized network access access to intranet or Internet access without authorization or payment Access-point misconfiguration Unauthorized APs unauthorized ingress routes to intranet may bypass firewall Denial of service logical attacks with spoofed signaling, signal jamming AP spoofing stronger signal attracts STAs MitM attack by AP especially free open AP 15

16 Signal interception The radio signal is not confined to a physical building Attacker can sniff traffic outside the building, e.g. in the parking lot Directional high-gain antenna can intercept WLAN signal from hundreds of meters away 16

17 Unauthorized network access Discussion: Would you mind your neighbors accessing your home AP? Would a university, a company or a commercial WLAN operator want to control access? Using unprotected WLAN for Internet access is now legal in Finland Wardriving: Hobbyists drive around the city looking for open hotspots and create maps of open WLANs that can be used for Internet access Tools: 17

18 AP configuration Many different ways to configure access points: Web page (home routers) SNMP (professional access points) serial cable Telnet Default passwords hackers can change the configuration or replace firmware 18

19 Unauthorized access points Unauthorized access points installed by employees are often badly administered: No access control enabled; anyone can connect Direct access to the intranet behind firewall Attacker can use unauthorized APs to access the intranet Solutions: AP sweeps: walk or drive around premises and look for AP beacons Scan for SNMP and web admin interfaces in the intranet Some high-end APs have built-in feature for unauthorized AP detection Similar to unauthorized modems in the old days 19

20 Logical attacks: Denial of service Spoofed deauthentication or disassociation message causes the AP or STA to lose state AP capacity exhaustion: Typical AP handles data fast but association and authentication slower flood AP with false authentications to prevent honest nodes from associating Radio jamming: Either jam the who radio channel or selectively break some frames 20

21 AP spoofing Clients are configured to associate automatically with APs that advertise specific SSIDs Attack: fake AP broadcasts cyclically all known hotspot, hotel, airport and company SSIDs clients will associate with it automatically thinking they are at the hotspot easy MitM attack on all IP packets 21

22 WLAN security goals Wireless LAN security protocols have following goals: Data confidentiality and integrity prevent sniffing and spoofing of data on the wireless link Access control allow access only for authorized wireless stations Accounting hotspot operators may want to meter network usage Authentication access control and accounting usually depend on knowing the identity of the wireless station or user Availability do not make denial-of-service attacks easy (radio jamming is always possible) Not all problems have been solved 22

23 Weak security mechanisms and historical WEP Good to know WEP is a historical protocol, not for use in modern times! 23

24 Discussion: common recommendations The following security measures are often recommended to WLAN administrators: Disable the SSID broadcast Maintain a list of authorized MAC addresses and block unauthorized ones from the network Select AP locations in the middle of the building (not close to windows), use directional antennas and line walls and windows with metal foil to minimize the signal leakage to the outside of the building How much security do these measures bring? How expensive are they? 24

25 Weak WLAN security mechanisms Disabling the SSID broadcast attacker can sniff the SSID when other clients associate ACL of authorized MAC addresses attacker can sniff and spoof another client's MAC address AP locations, directional antennas and metal foil to keep signal inside a building hard to build a Faraday cage, and attacker can use a directional antenna with high gain Weak security mechanisms are rarely worth the trouble 25

26 Historical WEP encryption Historical In original standard, no longer is use WEP = Wired Equivalent Privacy; goal was security equivalent to a wired LAN Encryption and integrity check for data frames; management frames unprotected RC4 stream cipher with a static 40-bit pre-shared key and 24-bit initialization vector (128-bit WAP = 104-bit key + 24-bit IV) Integrity check value (ICV) = CRC checksum encrypted with RC4 Multiple cryptographic weaknesses make WEP vulnerable to attacks; today gives no security 26

27 shared-key authentication Alternative to open-system authentication in , never really used AP authenticates STA: STA encrypts a challenge with the WEP algorithm and preshared key Historical Unidirectional entity authentication only; no connection to message authentication AP could require WEP encryption and authentication, or only one of them 27

28 WEP keys Historical WEP keys are configured manually; no other mechanism specified in STA can store 4 keys simultaneously; every frame header contains a 2-bit key id AP and all stations may share the same key, or AP may have a different key for each client STA (perstation keys) No effect on client STA implementation AP implementation much more complex with per-station keys rarely implemented before WPA 28

29 WEP security weaknesses Historical 40-bit keys brute-force cracking Static keys cannot change keys often 24-bit IV IV reuse; dictionary attack; all IV values exhausted in 5 hours or less on a busy AP IV generation not specified reuse possible even earlier CRC+RC4 for ICV possible to modify data No protection for management frames disassociation and deauthentication attacks Authentication not bound to the session man-in-the-middle and replay attacks Authentication based on RC4 attacker learns key stream and can spoof responses Weak IV attacker against RC4 cracking of 104-bit WEP keys 29

30 Is link-layer security needed? Wireless LAN security protocols provide link-layer security only; not end-to-end protection Good for corporate APs: access control to LAN Good for commercial WLAN operators: access control for paying customers Irrelevant for road warriors at wireless hotspots and at other untrusted networks Alternative: treat WLAN as insecure and use end-toend security, such as IPSec or VPN e.g. Aalto vs. Aalto Open 30

31 Alternative architecture Hub or Switch Gateway router + Firewall + NAT Internet Workstations Security perimeter Server in DMZ Servers APs Wireless stations 31

32 Is WLAN access control needed? Arguments for controlling access: Open WLAN allows hackers to access the corporate or home LAN; firewall protection bypassed; "like having an Ethernet socket in the parking lot" Unauthorized users consume network resources without paying Contract with ISP may not allow providing public service Liability issues if the unauthorized users send spam or uploading illegal content Arguments for open access: Good service for customers and visitors End-to-end security needed anyway Little lost by giving away excess bandwidth; authorized users can be given better QoS High-end access points and virtual LANs (VLAN) make it possible to configure two SSIDs on the same physical AP, one for authenticated intranet access and one for open Internet access 32

33 Real WLAN security: WPA2 The most important part of this leacture

34 Real WLAN security mechanisms Wireless Protected Access 2 (WPA2) WPA2 is the Wi-Fi alliance name for the i amendment to the IEEE standard, now part of Robust security network (RSN)= name of WPA2 in the standard 802.1X for access control EAP authentication and key exchange, eg. EAP-TLS New confidentiality and integrity protocol AES-CCMP Historical: Wireless Protected Access (WPA) Used in the transition period before the 11i standard and before AES hardware support in NICs TKIP encryption = RC4 with frequently changing keys and other enhancements Security of TKIP and WPA is now considered broken, disable them in your AP! 34

35 RSN key hierarchy! *********** Passphrase Pre-Shared Key PSK = PBKDF2(Passphrase) Pairwise Master Key PMK = PSK or MSK Pairwise Temporal Key PTK = PRF(PMK,BSSID,MACaddr STA,N AP,N STA ) split 802.1X authentication Master Session Key MSK Key Confirmation Key KCK Key Encryption Key KEK Temporal Key TK (key material for session keys) Two alternative ways to obtain keys: Preshared key (PSK) authentication= WPA2-PSK = WPA2-Personal 802.1X authentication= WPA2-EAP = WPA2-Enterprise 35

36 RSN key hierarchy Pairwise keys between AP and STA: Pairwise master key (PMK) Temporal keys derived from PMK data encryption and integrity keys EAPOL-Key encryption and integrity keys 4-message protocol of EAPOL-Key messages is used to refresh temporal keys Key computed as a hash of PMK, new nonces, and AP and STA MAC addresses Group keys for group and broadcast communication 36

37 WPA2-Personal, 4-way handshake Wireless Station (STA) [Probe-Request] Beacon or Probe-Response (supported security) Authentication-Request Access Point (AP)! Authentication-Response (Success) Association-Request Association-Response Compute PTK Install PTK EAPOL-Key: counter, N AP EAPOL-Key: counter, N STA, MIC KCK (this frame) EAPOL-Key: counter+1,n AP, Install PTK, E KEK (GTK), MIC KCK (this frame) EAPOL-Key: counter+1, MIC KCK (this frame) Compute PTK Install PTK 4-way handshake PMK = key derived from Passphrase counter = replay prevention, reset for new PMK PRF = pseudo-random function PTK = PRF(PMK,MACaddr AP,MACaddr STA,N AP,N STA ) KCK, KEK = parts of PTK MIC = message integrity check, a MAC GTK = Group Temporal Key 4-way handshake takes PMK as input and produces session keys 37

38 IEEE 802.1X Port-based access control originally intended for enabling and disabling physical ports on switches and modem banks Conceptual controlled port at AP Uses Extensible Authentication Protocol (EAP) to support many authentication methods; usually EAP-TLS Starting to be used in Ethernet switches, as well 38

39 802.11/802.1X architecture Supplicant wants to access the wired network via the AP Authentication Server (AS) authenticates the supplicant Authenticator enables network access for the supplicant after successful authentication 39

40 EAP Extensible authentication protocol (EAP) defines generic authentication message formats: Request, Response, Success, Failure Originally designed for authenticating dial-up users with multiple methods Security is provided by the authentication protocol carried in EAP, not by EAP itself EAP supports many authentication protocols: EAP-TLS, PEAP, EAP-SIM,... Used in 802.1X between supplicant and authentication server EAP term for supplicant is peer, reflecting the original idea that EAP could be used for mutual authentication between equal entities 40

41 EAP protocol Peer Authenticator EAP Request / Identity EAP Response / Identity EAP Request EAP Response EAP Success/Failure EAP Server Pass-though Request-response pairs User identified by network access identifier (NAI): Allows multiple rounds of request response, e.g. for mistyped passwords 41

42 EAP-TLS Protocol Peer EAP-Request / Identity EAP-Response / Identity EAP-TLS-Request (start) EAP-TLS-Response: ClientHello EAP-TLS-Request: ServerHello, Certificate, ServerKeyExchange, CertificateRequest, ServerHelloDone EAP-TLS-Response: Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec, Finished EAP-TLS-Request: ChangeCipherSpec, Finished EAP-TLS-Response (empty) EAP-Success EAP Server 42

43 EAP encapsulation in 802.1X and WLAN EAPOL EAP encapsulated in RADIUS Supplicant (STA) Authenticator (AP) Authentication Server (RADIUS Server) On the wire network, EAP is encapsulated in RADIUS attributes On the link, EAP is encapsulated in EAP over LAN (EAPOL) In 802.1X, AP is a pass-through device: it copies most EAP messages without reading them 43

44 RADIUS Remote access dial-in user service (RADIUS) Originally for centralized authentication of dial-in users in distributed modem pools Defines messages between the network access server (NAS) and authentication server: NAS sends Access-Request Authentication server responds with Access-Challenge, Access- Accept or Access-Reject In WLAN, AP is the NAS EAP is encapsulated in RADIUS Access-Request and Access-Challenge; as many rounds as necessary RADIUS has its own security protocols based on shared keys between servers, and server and authenticator 44

45 RADIUS security AP and authentication server share a secret Responses from authentication server contain an authenticator; requests from authenticator (AP) are not authenticated Authenticator = MD5 hash of the message, AP's nonce and the shared secret Per-station key material is sent to the AP encrypted with the shared secret Radius uses a non-standard encryption algorithms but no problems found so far (surprising!) Important to use a long ( 16 characters) random shared secret to prevent offline cracking; no need to memorize it 45

46 EAP protocol in context Wireless Station (STA) [Probe-Request] Beacon or Probe-Response Authentication-Request Authentication-Response Association-Request Association-Response EAP Request / Identity EAP Response / Identity EAP-TLS Request (start) EAP-TLS Response EAP Success EAPOL-Key (4-way handshake) EAPOL-Key (4-way handshake) EAPOL-Key (4-way handshake) EAPOL-Key (4-way handshake) Access Point (AP) Open System authentication Access enabled only to RADIUS server EAP encapsulated in EAPOL RADIUS-Access-Request RADIUS-Access-Challenge RADIUS-Access-Request RADIUS-Access-Accept Access to wired network enabled Temporal keys created from PMK, cell-broadcast key GTK delivered to STA EAP encapsulated in RADIUS Authentication Server (RADIUS Server) TLS mutual authentication and key exchange inside EAP PMK delivered to AP

47 802.1X stack and specifications TLS (RFC5246) EAP-TLS (RFC5216) EAP (RFC3748, 5247) EAP over RADIUS (RFC3579) STA EAPOL (IEEE 802.1X) IEEE AP RADIUS (RFC2865) TCP/IP IEEE or other Authentication Server Excessive layering? 47

48 Terminology TLS Client Server EAP/AAA Peer Authenticator EAP server / Backend authentication server 802.1X Supplicant Authenticator Authentication server (AS) RADIUS Network access server (NAS) RADIUS server STA Access point (AP) 48

49 Full WPA2 Authentication Wireless Station (STA) [Probe-Request] Beacon or Probe-Response Authentication-Request Authentication-Response Association-Request Association-Response EAP Request / Identity EAP Response / Identity EAP-TLS Request (start) EAP-TLS Response EAP-TLS Request EAP-TLS-Response EAP-TLS Request EAP Success ClientHello ServerHello, Certificate, ServerKeyExchange, CertificateRequest, ServerHelloDone Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec, Finished ChangeCipherSpec, Finished EAP-TLS-Response (empty) EAPOL-Key (4-way handshake) EAPOL-Key (4-way handshake) EAPOL-Key (4-way handshake) Access Point (AP) EAP-TLS inside EAPOL RADIUS-Access-Request RADIUS-Access-Challenge RADIUS-Access-Request RADIUS-Access-Challenge RADIUS-Access-Request RADIUS-Access-Challenge RADIUS-Access-Request RADIUS-Access-Accept EAP-TLS inside RADIUS Key material from TLS sent to AP Authentication Server (RADIUS Server) EAPOL-Key (4-way handshake)

50 Authentication Latency ~7 round trips between AP and STA for EAP-TLS One less when TLS session reused (cf. 4 with PSK) Probe-Request / Probe-Response alternative to Beacon 1 more round trip Messages with many long certificates may need to be fragmented more round trips 4 round trips between AP and authentication server One less when TLS session reused Typical authentication latency >1 second every time STA roams between APs optimizations needed! 50

51 Session protocol: AES-CCMP Session protocol = how the data is protected after the authenticated key exchange AES Counter Mode-CBC MAC Protocol is used for payload encryption and integrity in RSN Advanced Encryption Standard (AES) CCMP = Counter Mode + CBC MAC AES counter mode encryption CBC MAC for integrity protection Requires AES hardware support 51

52 Session protocol: TKIP (now outdated) Temporal Key Integrity Protocol (TKIP) Designed for transition period when pre-wpa network cards were used with firmware update Still using RC4 but WEP vulnerabilities fixed: New message integrity algorithm Michael New encryption key for each frame 48-bit IV constructed to avoid RC4 weak keys IV used as sequence counter to prevent replays Ok for the transition period, but now outdated: Historical Cryptographic attacks against TKIP make it insecure! Use only WPA2 with AES 52

53 What does WPA2 achieve? Authentication and access control prevents unauthorized network access Mutual authentication prevents association with rogue access points CCMP encryption prevents data interception on wireless link Strong integrity check prevents data spoofing on wireless link w: management frame authentication New key IGTK sent by STA in the four-way handshake (msg 3), management frames after that authenticated with MIC Prevents deauthentication and disassociation spoofing after the four-way handshake 53

54 54 Password authentication for WLAN

55 Captive portal Web-based authentication for network access; also called universal access method (UAM) Used in hotels and wireless hotspots for credit-card payment or password authentication New users are directed to an authentication web page ( captive portal ) when they open a web browser Redirection usually based on spoofed HTTP redirection; sometimes DNS spoofing or IP-layer interception Authenticated users MAC addresses are added to a whitelist to allow Internet access

56 PEAP, EAP-TTLS General idea: authenticate the server with TLS, then the client inside the encrypted tunnel Protected EAP (PEAP) by Microsoft Round 1: EAP-TLS with server-only authentication Instead of EAP-Success, start encryption and move to round 2 Round 2: any EAP authentication method with mutual authentication EAP-PEAP-MSCHAPv2 (also called PEAPv0 or just PEAP): in practice, the authentication in round 2 is MSCHAPv2 What does PEAP achieve: Password authentication takes place inside an encrypted tunnel prevents offline password cracking from MSCHAPv2 messages EAP-Response-Identity sent twice, both in inner and outer EAP layer; outer layer may use the string anonymous for identity protection Similar protocols: LEAP by Cisco (insecure and no longer used) and EAP-TTLS by Funk Software/Juniper 56

57 Link-layer mobility in WLAN Additional reading

58 Reassociation and IAPP When STA moves between APs, it sends Reassociation Request Association Request includes the old AP address New AP may contact the old AP over the wire network to delete the old association there Old AP may forward to the new AP any packets that still arrive there Inter-access point protocol (IAPP) Protocol for communication between APs over the wire network Draft specification f in 2003, never standardized

59 Wireless LAN roaming Moving between APs is slow: may require full association and WPA2-Enterprise authentication Many roundtrips to a remote authentication server Many messages between STA and AP, channel acquisition time for each message can be long on a busy WLAN Complex protocol layering leads to unnecessary messages How to speed up the handover? 59

60 PMK caching AP and STA may cache previous pair-wise master keys (PMK) and reuse them if the same client returns to the same AP Only a 4-way handshake between STA and AP needed after (re)association to create new session keys from the PMK Key identifiers to identify PMK STA may send a list of key identifiers in (re)association request; AP selects one in Message 1 of the 4-way handshake Standardized in i, now in WPA2 60

61 Wireless switch Proprietary roaming solution from network equipment manufacturers Authenticator moved partly to a switch Switch pushes PMK to all or selected APs, or AP pulls key on demand Client STA assumes AP has cached PMK even if it has never authenticated to that AP called opportunistic PMK caching 61

62 802.1X preauthentication 62

63 802.1X preauthentication Client STA scans for potential new APs and authenticates to them before deassociation from the old AP AP advertises the preauthentication capability in its beacon STA communicates with the new AP over the wire LAN, via the old AP STA uses the BSSID (= MAC address) of the new AP as the destination address of the frames it sends to the new AP new AP must be on the same IP segment AP caches the PMK, just as if the STA had associated with it previously Finally, STA reauthenticates to the new AP 63

64 Local handoff problem Handoff between local APs Internet or a large network Remote authentication server Even local handoffs require connection to the AS, which may be far away 64

65 802.11r fast BSS transition Amendment r adds mechanisms for fast handover With PSK or cached MSK, piggyback the 4-way handshake on authentication and association messages only 2 roundtrips between STA and AP Mobility domain = group of APs close to each other + local server that helps in local handoffs AP advertises capability for fast BSS transition, and a mobility domain identifier Key hierarchy within the mobility domain: local server (R0KH) holds first-level key (PMK-R0), which is used to derive second-level keys (PMK-R1) for APs (R1KH) in the same domain avoid contacting a remote authentication server In practice: R0KH = wireless switch, R1KH = AP Also, pre-reservation of resources for QoS (see e) done in parallel with the 4-way handshake 65

66 802.11r key hierarchy *********** Passphrase Pre-Shared Key PSK = PBKDF2(Passphrase) 802.1X authentication Master Session Key MSK Pairwise Master Key, first level PMK-R0 = R0-Key-Data = KDF(PSK/MSK, "FT-R0", SSID, MDID, R0KH-ID, MAC STA ) Pairwise Master Key, second level PMK-R1 = PMK-R1 = KDF(PMK-R0, FT-R1, BSSID, MAC STA ) Pairwise Temporal Key PTK = PTK = KDF(PMK-R1, "FT-PTK", N STA, N AP, BSSID, MAC STA ) split Key Confirmation Key KCK Key Encryption Key KEK Temporal Key TK (key material for session keys) PMK-R0 = key shared by STA and the mobility domain (wireless switch); derived from PSK or EAP MSK PMK-R1 = key shared by STA and AP; derived locally from PMK- R0 AP only knows PMK-R1, STA knows PMK- R0 and can compute PMK-R1 for each new AP 66

67 mobility domains R1KH AP Mobility domain R1KH AP Wireless switch R0KH R1KH AP R1KH AP Mobility domain R1KH AP R0KH Wireless switch Internet or a large network Remote authentication server Handoff within a mobility domain is supported by the local R0KH EAP with AS only when moving between mobility domains r specifies the key hierarchy and communication between STA and AP; the protocol between APs and the R0KH is not standardized 67

68 AAA Authentication, authorization and accounting (AAA) Architecture and protocols for managing network access Standard protocols: DIAMETER (newer), RADIUS (old, still widely used) Roaming support: Visited AAA (VAAA) acts as a proxy for home AAA (HAAA) AAA brokers can be used to create roaming federations AAAF (RADIUS server of foreign network) AAA broker (proxy RADIUS server) AAAH (RADIUS server of user s home domain) Internet AP=NAS 68

69 Eduroam case study 69

70 Eduroam Eduroam uses WPA2 with AES encryption Aalto RADIUS server is radius.org.aalto.fi Aalto user s NAI looks like the address, e.g. Aalto users are authenticated with EAP-PEAP Microsoft s proprietary EAP method with TLS for the server authentication and password for the client Roaming between universities enabled by federation between RADIUS servers 70

71 Eduroam Eduroam is a federation for wireless roaming between educational institutions User is registered at the home university, which as a RADIUS server (AAAH) National educational and research network (NREN), e.g. Funet, operates a national roaming broker National brokers are connected to a regional broker for international roaming EAP authentication: user s home institution determines the EAP authentication method Aalto uses PEAP Users identified by NAI: NAI for Aalto users: (earlier also seems to be no longer in use) In PEAP, the outer NAI only needs to have only correct realm, but Aalto seems to require the username to be correct as well 71

72 ! Network authentication? IN EAP-TLS and PEAP, the client authenticates the RADIUS server based on a certificate To verify the certificate, the client needs to know: trusted CAs name of the RADIUS server On many clients, any commercial CA and any name in the certificate is accepted anyone with any commercial certificate can set up a fake AP and pretend to be the RADIUS server Have you configured he network authentication for Eduroam correctly on your clients? 72

73 Related reading Gollmann, Computer security, 3rd ed., chapters Stallings, Network security essentials, 4th ed. chapter

74 Exercises Is WLAN security alternative or complementary to end-to-end security such as TLS? Why is WPA-Enterprise not widely used in home wireless networks, wireless hotspots or Internet cafes? Why are password-based methods needed for authorizing WLAN access? UAM intercepts the first web request made by the user. What reliability issues might this cause? Can the UAM access control be circumvented? How secure can it be made? Can the password be leaked? If a cellular network operator wants to offer wireless hotspot access to its customers, how could the SIM card be used for authorizing WLAN access from the phones? How could the network attachment and access control protocols be further optimized to reduce latency? Which standards bodies would need to be involved? 74

Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2012

Network Security: WLAN Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2012 Network Security: WLAN Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2012 Outline Wireless LAN technology Threats against WLANs Weak security mechanisms and historical WEP

More information

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.

Outline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder. Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/

More information

Chapter 17. Wireless Network Security

Chapter 17. Wireless Network Security Chapter 17 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s, to develop a protocol & transmission specifications for wireless LANs (WLANs) Demand

More information

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis

CS-435 spring semester Network Technology & Programming Laboratory. Stefanos Papadakis & Manolis Spanakis CS-435 spring semester 2016 Network Technology & Programming Laboratory University of Crete Computer Science Department Stefanos Papadakis & Manolis Spanakis CS-435 Lecture preview 802.11 Security IEEE

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

The following chart provides the breakdown of exam as to the weight of each section of the exam.

The following chart provides the breakdown of exam as to the weight of each section of the exam. Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those

More information

Appendix E Wireless Networking Basics

Appendix E Wireless Networking Basics Appendix E Wireless Networking Basics This chapter provides an overview of Wireless networking. Wireless Networking Overview The FWG114P v2 Wireless Firewall/Print Server conforms to the Institute of Electrical

More information

Wireless LAN Security. Gabriel Clothier

Wireless LAN Security. Gabriel Clothier Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group

More information

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection T H E U N I V E R S I T Y O F B R I T I S H C O L U M B I A Outline Network Security EECE 412 Link & end-to-end protocols SSL/TLS WPA Copyright 2004 Konstantin Beznosov 2 Networks Link and End-to-End Protocols

More information

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005 Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks

More information

FAQ on Cisco Aironet Wireless Security

FAQ on Cisco Aironet Wireless Security FAQ on Cisco Aironet Wireless Security Document ID: 68583 Contents Introduction General FAQ Troubleshooting and Design FAQ Related Information Introduction This document provides information on the most

More information

WLAN Roaming and Fast-Secure Roaming on CUWN

WLAN Roaming and Fast-Secure Roaming on CUWN 802.11 WLAN Roaming and Fast-Secure Roaming on CUWN Contents Introduction Prerequisites Requirements Components Used Background Information Roaming with Higher-Level Security WPA/WPA2-PSK WPA/WPA2-EAP

More information

Troubleshooting WLANs (Part 2)

Troubleshooting WLANs (Part 2) SharkFest 17 Europe Troubleshooting WLANs (Part 2) Troubleshooting WLANs using 802.11 Management & Control Frames 8. November 2017 Breaking News: Including KRACK!!! Rolf Leutert Leutert NetServices Switzerland

More information

Configuring a WLAN for Static WEP

Configuring a WLAN for Static WEP Restrictions for Configuring Static WEP, page 1 Information About WLAN for Static WEP, page 1 Configuring WPA1+WPA2, page 3 Restrictions for Configuring Static WEP The OEAP 600 series does not support

More information

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake.

Open System - No/Null authentication, anyone is able to join. Performed as a two way handshake. Five components of WLAN Security 1. Data Privacy 1. Privacy is important because transmission occurs over the air in freely licensed bands. The Data can be sniffed by anyone within range. 2. Eavesdropping

More information

Wireless Networking Basics. Ed Crowley

Wireless Networking Basics. Ed Crowley Wireless Networking Basics Ed Crowley 2014 Today s Topics Wireless Networking Economic drivers and Vulnerabilities IEEE 802.11 Family WLAN Operational Modes Wired Equivalent Privacy (WEP) WPA and WPA2

More information

Wireless# Guide to Wireless Communications. Objectives

Wireless# Guide to Wireless Communications. Objectives Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g

More information

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product.

EXAM - PW Certified Wireless Security Professional (CWSP) Buy Full Product. CWNP EXAM - PW0-204 Certified Wireless Security Professional (CWSP) Buy Full Product http://www.examskey.com/pw0-204.html Examskey CWNP PW0-204 exam demo product is here for you to test the quality of

More information

Securing a Wireless LAN

Securing a Wireless LAN Securing a Wireless LAN This module describes how to apply strong wireless security mechanisms on a Cisco 800, 1800, 2800, or 3800 series integrated services router, hereafter referred to as an access

More information

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Procedure: You can find the problem sheet on the Desktop of the lab PCs. University of Jordan Faculty of Engineering & Technology Computer Engineering Department Computer Advance Networks Laboratory 907529 Lab.3 WLAN Security Objectives 1. Configure administrator accounts.

More information

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2014 Network Security: TLS/SSL Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2014 Outline 1. Diffie-Hellman key exchange (recall from earlier) 2. Key exchange using public-key encryption

More information

From wired internet to ubiquitous wireless internet

From wired internet to ubiquitous wireless internet WlanSmartcard.org Technical Committee Wireless LAN A primer guide. Paris, February 5 th Pascal.Urien@enst.fr From wired internet to ubiquitous wireless internet 1 Classical intranet. Network access is

More information

WPA-GPG: Wireless authentication using GPG Key

WPA-GPG: Wireless authentication using GPG Key Università degli Studi di Bologna DEIS WPA-GPG: Wireless authentication using GPG Key Gabriele Monti December 9, 2009 DEIS Technical Report no. DEIS-LIA-007-09 LIA Series no. 97 WPA-GPG: Wireless authentication

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER 2

More information

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology

CSNT 180 Wireless Networking. Chapter 7 WLAN Terminology and Technology CSNT 180 Wireless Networking Chapter 7 WLAN Terminology and Technology Norman McEntire norman.mcentire@servin.com Founder, Servin Corporation, http://servin.com Technology Training for Technology Professionals

More information

Wireless Access Point

Wireless Access Point 802.11g / 802.11b / WPA Wireless Access Point User's Guide TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 Features of your Wireless Access Point... 1 Package Contents... 4 Physical Details... 4 CHAPTER

More information

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities

Wireless Security. Comp Sci 3600 Security. Attacks WEP WPA/WPA2. Authentication Encryption Vulnerabilities Wireless Security Comp Sci 3600 Security Outline 1 2 3 Wired versus wireless Endpoint Access point Figure 24.1 Wireless Networking Components Locations and types of attack Outline 1 2 3 Wired Equivalent

More information

Wireless-N Business Notebook Adapter

Wireless-N Business Notebook Adapter Wireless-N Business Notebook Adapter USER GUIDE BUSINESS SERIES Model No. WPC4400N Model Model No. No. Copyright and Trademarks Specifications are subject to change without notice. Linksys is a registered

More information

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0

LevelOne. User Manual. WAP Mbps PoE Wireless AP V3.0.0 LevelOne WAP-0005 108Mbps PoE Wireless AP User Manual V3.0.0 i TABLE OF CONTENTS CHAPTER 1 INTRODUCTION... 1 FIGURE 1: WIRELESS ACCESS POINT... 1 FEATURES OF YOUR WIRELESS ACCESS POINT... 1 Security Features...

More information

How Insecure is Wireless LAN?

How Insecure is Wireless LAN? Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost

More information

A Secure Wireless LAN Access Technique for Home Network

A Secure Wireless LAN Access Technique for Home Network A Secure Wireless LAN Access Technique for Home Network *Ju-A Lee, *Jae-Hyun Kim, **Jun-Hee Park, and **Kyung-Duk Moon *School of Electrical and Computer Engineering Ajou University, Suwon, Korea {gaia,

More information

Configuring the Client Adapter

Configuring the Client Adapter CHAPTER 5 This chapter explains how to configure profile parameters. The following topics are covered in this chapter: Overview, page 5-2 Setting General Parameters, page 5-3 Setting Advanced Parameters,

More information

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE

Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE Mobile MOUSe WIRELESS TECHNOLOGY SPECIALIST ONLINE COURSE OUTLINE COURSE TITLE WIRELESS TECHNOLOGY SPECIALIST COURSE DURATION 13 Hours of Interactive Training COURSE OVERVIEW This course will teach you

More information

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2010 Network Security: Broadcast and Multicast Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Broadcast and multicast 2. Receiver access control (i.e. data confidentiality)

More information

Chapter 1 Describing Regulatory Compliance

Chapter 1 Describing Regulatory Compliance [ 2 ] Chapter 1 Describing Regulatory Compliance Failure to secure a WLAN makes it vulnerable to attack. To properly secure your network, you must be able to identify common threats to wireless and know

More information

Configuring OfficeExtend Access Points

Configuring OfficeExtend Access Points Information About OfficeExtend Access Points, page 1 OEAP 600 Series Access Points, page 2 OEAP in Local Mode, page 3 Supported WLAN Settings for 600 Series OfficeExtend Access Point, page 3 WLAN Security

More information

Wireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design

Wireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design Protocol Analysis and Design 1 Networks 1. WIRELESS NETWORKS 2 Networks 1. WIRELESS NETWORKS 1.1 WiFi 802.11 3 Networks OSI Structure 4 Networks Infrastructure Networks BSS : Basic Set Service ESS : Extended

More information

Wireless Technologies

Wireless Technologies Wireless Technologies Networking for Home and Small Businesses Chapter 7 Manju. V. Sankar 1 Objectives Describe wireless technologies. Describe the various components and structure of a WLAN Describe wireless

More information

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content

More information

COSC4377. Chapter 8 roadmap

COSC4377. Chapter 8 roadmap Lecture 28 Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7

More information

Network Access Flows APPENDIXB

Network Access Flows APPENDIXB APPENDIXB This appendix describes the authentication flows in Cisco Identity Services Engine (ISE) by using RADIUS-based Extensible Authentication Protocol (EAP) and non-eap protocols. Authentication verifies

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. USB Network Adapter. User Guide WIRELESS WUSB54G. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G USB Network Adapter User Guide Model No. WUSB54G Copyright and Trademarks Specifications are subject to change without notice. Linksys

More information

Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach

Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach Selection of EAP Authentication Method for use in a Public WLAN: Implementation Environment Based Approach David Gitonga Mwathi * William Okello-Odongo Elisha Opiyo Department of Computer Science and ICT

More information

Advanced Security and Mobile Networks

Advanced Security and Mobile Networks Advanced Security and Mobile Networks W.Buchanan (1) 9. GSM/3G Unit 7: Mobile Networks. Wireless. Security. Mobile IP. Mobile Agents. Spread spectrum. Military/Emergency Networks 8. Ad-hoc 7. Mobile Networks

More information

Wireless Terms. Uses a Chipping Sequence to Provide Reliable Higher Speed Data Communications Than FHSS

Wireless Terms. Uses a Chipping Sequence to Provide Reliable Higher Speed Data Communications Than FHSS How to Set Up a Secure Home Wireless Network What you don t know about setting up a home wireless network can hurt you. 2008 APCUG Convention Session Tom Jones, P.E., RCDD-NTS CQS-CWLSS AGENDA Some Terms

More information

accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through

accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through accounting (SSID configuration mode) through encryption mode wep accounting (SSID configuration mode) through encryption mode wep 1 accounting (SSID configuration) accounting (SSID configuration mode)

More information

Wireless Networked Systems

Wireless Networked Systems Wireless Networked Systems CS 795/895 - Spring 2013 Lec #5: Medium Access Control High Throughput, Security Tamer Nadeem Dept. of Computer Science High Throughput Networks (802.11n) Slides adapted from

More information

Security Setup CHAPTER

Security Setup CHAPTER CHAPTER 8 This chapter describes how to set up your bridge s security features. This chapter contains the following sections: Security Overview, page 8-2 Setting Up WEP, page 8-7 Enabling Additional WEP

More information

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2011

Network Security: Broadcast and Multicast. Tuomas Aura T Network security Aalto University, Nov-Dec 2011 Network Security: Broadcast and Multicast Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2011 Outline 1. Broadcast and multicast 2. Receiver access control (i.e. data confidentiality)

More information

The security of existing wireless networks

The security of existing wireless networks Security and Cooperation in Wireless Networks Cellular networks o o GSM UMTS WiFi LANs Bluetooth Security in Wireless Networks Wireless networks are more vulnerable to security issues: Broadcast communications

More information

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010 Network Security: TLS/SSL Tuomas Aura T-110.5240 Network security Aalto University, Nov-Dec 2010 Outline 1. Diffie-Hellman 2. Key exchange using public-key encryption 3. Goals of authenticated key exchange

More information

A Configuration Protocol for Embedded Devices on Secure Wireless Networks

A Configuration Protocol for Embedded Devices on Secure Wireless Networks A Configuration Protocol for Embedded Devices on Secure Wireless Networks Larry Sanders lsanders@ittc.ku.edu 6 May 2003 Introduction Wi-Fi Alliance Formally Wireless Ethernet Compatibility Alliance (WECA)

More information

Configuring the Client Adapter through the Windows XP Operating System

Configuring the Client Adapter through the Windows XP Operating System APPENDIX E Configuring the Client Adapter through the Windows XP Operating System This appendix explains how to configure and use the client adapter with Windows XP. The following topics are covered in

More information

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1 Computer Security 3e Dieter Gollmann Security.di.unimi.it/sicurezza1415/ Chapter 16: 1 Chapter 16: Communications Security Chapter 16: 2 Agenda Threat model Secure tunnels Protocol design principles IPsec

More information

CUA-854 Wireless-G Long Range USB Adapter with Antenna. User s Guide

CUA-854 Wireless-G Long Range USB Adapter with Antenna. User s Guide CUA-854 Wireless-G Long Range USB Adapter with Antenna User s Guide Table of Contents Chapter 1. Introduction...5 1.1. About CUA-854...5 1.2. Key Features...5 1.3. Package Included...5 Chapter 2. Connect

More information

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne

What is a Wireless LAN? The wireless telegraph is not difficult to understand. The ordinary telegraph is like a very long cat. You pull the tail in Ne Introduction to Wireless Networking and Security Chino Information Technology Center Steve Siedschlag, Associate Professor What is a Wireless LAN? The wireless telegraph is not difficult to understand.

More information

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

Wireless Networking based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Wireless Networking 802.11 based on Chapter 15 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers topics Standards Technical Concepts Implementation Troubleshooting 802.11 timeline source: Anandtech

More information

EnGenius Quick Start Guide

EnGenius Quick Start Guide T he operates seamlessly in the 2.4 GHz frequency spectrum supporting the 802.11b (2.4GHz, 11Mbps) and the newer, faster 802.11g (2.4GHz, 54Mbpswireless standard. High output power and high sensitivity

More information

1. INTRODUCTION. Wi-Fi 1

1. INTRODUCTION. Wi-Fi 1 Wi-Fi 1 1. INTRODUCTION Wi-Fi, or Wireless Fidelity, is freedom: it allows you to connect to the Internet from your home, a bed in a hotel room or at a conference room at work without wires. How? Wi-Fi

More information

CSCE 715: Network Systems Security

CSCE 715: Network Systems Security CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are

More information

CSCE 715: Network Systems Security

CSCE 715: Network Systems Security CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Web Security Web is now widely used by business, government, and individuals But Internet and Web are

More information

Configuring the Xirrus Array

Configuring the Xirrus Array Configuring the Xirrus Array This chapter covers configuration and management tasks using the product s embedded Web Management Interface (WMI). It also includes a procedure for logging in to the XS-3900/XS-3700/XS-3500

More information

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov.

Wireless Networks. Authors: Marius Popovici Daniel Crişan Zagham Abbas. Technical University of Cluj-Napoca Group Cluj-Napoca, 24 Nov. Wireless Networks Authors: Marius Popovici Daniel Crişan Zagham Abbas Technical University of Cluj-Napoca Group 3250 Cluj-Napoca, 24 Nov. 2003 Presentation Outline Wireless Technology overview The IEEE

More information

802.1x. ACSAC 2002 Las Vegas

802.1x. ACSAC 2002 Las Vegas 802.1x ACSAC 2002 Las Vegas Jeff.Hayes@alcatel.com 802.1 Projects The IEEE 802.1 Working Group is chartered to concern itself with and develop standards and recommended practices in the following areas:

More information

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] s@lm@n Cisco Exam 642-737 Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ] Cisco 642-737 : Practice Test Question No : 1 RADIUS is set up with multiple servers

More information

Configuring Cipher Suites and WEP

Configuring Cipher Suites and WEP 10 CHAPTER This chapter describes how to configure the cipher suites required to use WPA authenticated key management, Wired Equivalent Privacy (WEP), Temporal Key Integrity Protocol (TKIP), and broadcast

More information

WL-5450AP & WL-5460AP Wireless Access Point. User s Guide

WL-5450AP & WL-5460AP Wireless Access Point. User s Guide WL-5450AP & WL-5460AP Wireless Access Point User s Guide 1 FCC Certifications This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the

More information

Cisco Exam Questions & Answers

Cisco Exam Questions & Answers Cisco 300-208 Exam Questions & Answers Number: 300-208 Passing Score: 800 Time Limit: 120 min File Version: 38.4 http://www.gratisexam.com/ Exam Code: 300-208 Exam Name: Implementing Cisco Secure Access

More information

Numerics I N D E X. 3 DES (triple Data Encryption Standard), 18 4-way handshake, RM, Security.com, 399

Numerics I N D E X. 3 DES (triple Data Encryption Standard), 18 4-way handshake, RM, Security.com, 399 I N D E X Numerics A 3 DES (triple Data Encryption Standard), 18 4-way handshake, 222 802 RM, 61 802.11-Security.com, 399 AAA MAC-based authentication, 116 servers, 6 shared-key authentication, 118 access

More information

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No.

A Division of Cisco Systems, Inc. GHz g. Wireless-G. User Guide. Access Point WIRELESS. WAP54G v2. Model No. A Division of Cisco Systems, Inc. GHz 2.4 802.11g WIRELESS Wireless-G Access Point User Guide Model No. WAP54G v2 Copyright and Trademarks Specifications are subject to change without notice. Linksys is

More information

Wireless LANs. ITS 413 Internet Technologies and Applications

Wireless LANs. ITS 413 Internet Technologies and Applications Wireless LANs ITS 413 Internet Technologies and Applications Aim: Aim and Contents Understand how IEEE 802.11 wireless LANs work Understand what influences the performance of wireless LANs Contents: IEEE

More information

New Windows build with WLAN access

New Windows build with WLAN access New Windows build with WLAN access SecRep 24 17-18 May 2016 Ahmed Benallegue/Hassan El Ghouizy/Priyan Ariyansinghe ECMWF network_services@ecmwf.int ECMWF May 19, 2016 Introduction Drivers for the new WLAN

More information

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD. V100R002C10 Permission Control Technical White Paper Issue 01 Date 2016-04-15 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form

More information

A Comparison of Data-Link and Network Layer Security for IEEE Networks

A Comparison of Data-Link and Network Layer Security for IEEE Networks A Comparison of Data-Link and Network Layer Security for IEEE 802. Networks Group #8 Harold L. McCarter, Ryan Calme, Hongwu Zang, Wayne Jones INFS 62 Professor Yih-Feng Hwang July 7, 2006 Abstract This

More information

Configuring Management Frame Protection

Configuring Management Frame Protection Information About Management Frame Protection, page 1 Restrictions for Management Frame Protection, page 3 (GUI), page 3 Viewing the Management Frame Protection Settings (GUI), page 3 (CLI), page 4 Viewing

More information

5 Tips to Fortify your Wireless Network

5 Tips to Fortify your Wireless Network Article ID: 5035 5 Tips to Fortify your Wireless Network Objective Although Wi-Fi networks are convenient for you and your employees, there may be unwanted clients using up the bandwidth you pay for. In

More information

Chapter 4: Securing TCP connections

Chapter 4: Securing TCP connections Managing and Securing Computer Networks Guy Leduc Chapter 5: Securing TCP connections Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley, March 2012. (section

More information

Unified Services Routers

Unified Services Routers Product Highlights Comprehensive Management Solution Active-Active WAN port features such as auto WAN failover and load balancing, ICSA-certified firewall, and D-Link Green Technology make this a reliable,

More information

Using the Cisco Unified Wireless IP Phone 7921G Web Pages

Using the Cisco Unified Wireless IP Phone 7921G Web Pages CHAPTER 4 Using the Cisco Unified Wireless IP Phone 7921G Web Pages You can use the Cisco Unified Wireless IP Phone 7921G web pages to set up and configure settings for the phone. This chapter describes

More information

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS)

Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) Cisco 4400 Series Wireless LAN Controllers PEAP Under Unified Wireless Networks with Microsoft Internet Authentication Service (IAS) HOME SUPPORT PRODUCT SUPPORT WIRELESS CISCO 4400 SERIES WIRELESS LAN

More information

Complexity. An introduction to protocol chaos. Andrés Blanco. CC License - Swtiruty Rgbytw

Complexity. An introduction to protocol chaos. Andrés Blanco.   CC License - Swtiruty Rgbytw 802.11 Complexity An introduction to 802.11 protocol chaos Andrés Blanco Email: 6e726d@gmail.com Twitter: @6e726d CC License - Swtiruty Rgbytw Motivation 802.11 it s everywhere https://twitter.com/skrud/status/767243097331736578

More information

Securing Wireless Networks by By Joe Klemencic Mon. Apr

Securing Wireless Networks by By Joe Klemencic Mon. Apr http://www.cymru.com/ Securing Wireless Networks by By Joe Klemencic (faz@home.com) Mon. Apr 30 2001 Many companies make attempts to embrace new technologies, but unfortunately, many of these new technologies

More information

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server

PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server PEAP under Unified Wireless Networks with ACS 5.1 and Windows 2003 Server Document ID: 112175 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram Windows

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc.

GHz g. Wireless A+G. User Guide. Notebook Adapter. Dual-Band. Dual-Band WPC55AG a. A Division of Cisco Systems, Inc. A Division of Cisco Systems, Inc. Dual-Band 5 GHz 802.11a + GHz 2.4 802.11g WIRELESS Dual-Band Wireless A+G Notebook Adapter User Guide Model No. WPC55AG Copyright and Trademarks Specifications are subject

More information

CCNA 3 (v v6.0) Chapter 4 Exam Answers % Full

CCNA 3 (v v6.0) Chapter 4 Exam Answers % Full CCNA 3 (v5.0.3 + v6.0) Chapter 4 Exam Answers 2017 100% Full ccnav6.com /ccna-3-v5-0-3-v6-0-chapter-4-exam-answers-2017-100-full.html CCNA Exam Answers 2017 CCNA 3 (v5.0.3 + v6.0) Chapter 4 Exam Answers

More information

Section 4 Cracking Encryption and Authentication

Section 4 Cracking Encryption and Authentication Section 4 Cracking 802.11 Encryption and Authentication In the previous section we showed the vulnerabilities of Open Wireless LANs. In this section we ll show some of the techniques and tools used to

More information

Network Security 1. Module 7 Configure Trust and Identity at Layer 2

Network Security 1. Module 7 Configure Trust and Identity at Layer 2 Network Security 1 Module 7 Configure Trust and Identity at Layer 2 1 Learning Objectives 7.1 Identity-Based Networking Services (IBNS) 7.2 Configuring 802.1x Port-Based Authentication 2 Module 7 Configure

More information

Wireless Networking WiFi Standards 802.11a 5GHz 54MB 802.11b 2.4 GHz 11MB 802.11g 2.4GHz 52MB 802.11n 2.4/5GHz 108MB 802.11b The 802.11b standard has a maximum raw data rate of 11 Mbit/s, and uses

More information

802.11ac Wireless Access Point Model WAC104

802.11ac Wireless Access Point Model WAC104 Point Model WAC104 User Manual October 2016 202-11698-01 350 E. Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. You can visit www.netgear.com/support to register

More information

Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide

Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide Grandstream Networks, Inc. GWN76xx Wi-Fi Access Points Master/Slave Architecture Guide Table of Contents INTRODUCTION... 4 DISCOVER AND PAIR GWN76XX ACCESS POINTS... 5 Discover GWN76xx... 5 Method 1: Discover

More information

Status of P Sub-Specification

Status of P Sub-Specification Status of P1451.5 802.11 Sub-Specification June 7, 2004 Ryon Coleman Senior Systems Engineer 802.11 Subgroup rcoleman@3eti.com Agenda 1. IEEE 802.11 Architecture 2. Scope within the 1451 Reference Model

More information

Prestige 660HW Series. Prestige 660H Series. Quick Start Guide

Prestige 660HW Series. Prestige 660H Series. Quick Start Guide Prestige 660HW Series ADSL 2+ 4-Port Gateway with 802.11g Wireless Prestige 660H Series ADSL 2+ 4-Port Gateway Quick Start Guide Version 3.40 01/2005 Table of Contents Introducing the Prestige... 3 1 Hardware

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. PCI Adapter WIRELESS. with SpeedBooster WMP54GS (EU/UK/LA) Model No.

A Division of Cisco Systems, Inc. GHz 2, g. Wireless-G. User Guide. PCI Adapter WIRELESS. with SpeedBooster WMP54GS (EU/UK/LA) Model No. A Division of Cisco Systems, Inc. GHz 2,4 802.11g WIRELESS Wireless-G PCI Adapter with SpeedBooster User Guide Model No. WMP54GS (EU/UK/LA) Copyright and Trademarks Specifications are subject to change

More information

802.1X: Deployment Experiences and Obstacles to Widespread Adoption

802.1X: Deployment Experiences and Obstacles to Widespread Adoption 802.1X: Deployment Experiences and Obstacles to Widespread Adoption Terry Simons University of Utah; open1x.org Terry.Simons@utah.edu Jon Snyder Portland State University jon@pdx.edu 802.1X Adoption Ratified

More information

MIMO Wireless Broadband Route r User s Manual 1

MIMO Wireless Broadband Route r User s Manual 1 MIMO Wireless Broadband Router User s Manual 1 Introduction...4 Features...4 Minimum Requirements...4 Package Content...4 Note...4 Get to know the Broadband Router...5 Back Panel...5 Front Panel...6 Setup

More information

Wireless LAN Access Point

Wireless LAN Access Point Wireless LAN Access Point IEEE 802.11b/g 54Mbps 501903 User s Manual Table of Contents Chapter 1 Introduction... 1 1.1 Package Contents... 2 1.2 Features... 2 1.3 Specifications... 2 1.4 Physical Description...

More information

Wireless Security K. Raghunandan and Geoff Smith. Technology September 21, 2013

Wireless Security K. Raghunandan and Geoff Smith. Technology September 21, 2013 Wireless Security K. Raghunandan and Geoff Smith Stevens Institute t of Technology September 21, 2013 Topics Cyber Security hacking community Familiarity with IP networks What is the security yprocess

More information

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK

WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK WIRELESS LOCAL AREA NETWORK SECURITY USING WPA2-PSK S.DEEPTHI 1 G.MARY SWARNALATHA 2 PAPARAO NALAJALA 3 Assoc. Professor, Dept. of Electronics &Communication Engineering at Institute of Aeronautical Engineering,

More information